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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b), 

Status 

1 )□ Responsive to communication(s) filed on . 

2a)D This action is FINAL. 2b)l3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) [>3 Claim(s) 1-20 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 7-20 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) M The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 13 July 2001 is/are: a)M accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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Detailed Action 



1 . The Preliminary Amendment filed on January 7, 2002 has been entered. 
Claims 1-20 have been examined. 



Specification 

2. The disclosure is objected to because of the following informalities: on 
page 4, line 14, an indefinite article is missing. Appropriate correction is 
required. 



Claim Objections 

3. Claim 20 is objected to because of the following informalities: the phrase 
"varies over continuously over time" should read "varies continuously over time". 
Appropriate correction is required. 



Claim Rejections - 35 USC §112 

4. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

5. Claim 12 is rejected under 35 U.S.C. 112, second paragraph, as being 
incomplete for omitting essential structural cooperative relationships of elements, 
such omission amounting to a gap between the necessary structural 
connections. See MPEP § 2172.01. The omitted structural cooperative 
relationships are: the structural relationship between the memory (see line 2) and 
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the logic to perform a stream cipher using an encryption key on input data 
segmented in random sized blocks (see lines 3-5). 



Double Patenting 

6. The nonstatutory double patenting rejection is based on a judicially 
created doctrine grounded in public policy (a policy reflected in the statute) so as 
to prevent the unjustified or improper timewise extension of the "right to exclude" 
granted by a patent and to prevent possible harassment by multiple assignees. 
See In re Goodman, 1 1 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re 
Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 
F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 

USPQ 619 (CCPA 1970);and, In re Thorington, 418 F.2d 528, 163 USPQ 644 
(CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321 (c) may 
be used to overcome an actual or provisional rejection based on a nonstatutory 
double patenting ground provided the conflicting application or patent is shown to 
be commonly owned with this application. See 37 CFR 1 .130(b). 

Effective January 1 , 1994, a registered attorney or agent of record may 
sign a terminal disclaimer. A terminal disclaimer signed by the assignee must 
fully comply with 37 CFR 3.73(b). 

7. Claims 1 -8, 1 2-1 4, and 1 7-1 9 are provisionally rejected under the judicially 
created doctrine of obviousness-type double patenting as being unpatentable 
over claims 1-8, 15-20, 22 and 25 of copending Application No. 09,864,042. 
Although the conflicting claims are not identical, they are not patentably distinct 
from each other because both sets of claims define a cipher comprising a routine 
to divide incoming plain text into variable-sized blocks and a routine converting 
the plain text into cipher text based on an encryption key and an internal 
identifier. The additional limitation of an internal state affecting the conversion 
routine defined in the aforementioned claims of the instant application does not 
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define a patentably distinct limitation since it is an inherent feature of a ciphering 
device. 

This is a provisional obviousness-type double patenting rejection because 
the conflicting claims have not in fact been patented. 



Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 



9. Claims 12-18 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Coppersmith et al. U.S. Patent No. 6,243,470 (hereinafter Coppersmith) and 
Ritter U.S. Patent No. 5,727,062 (hereinafter Ritter). 



10. As per claim 12, Coppersmith discloses a computing device comprising: 

a. a memory (see Coppersmith, Figure 1, Reference No. 28); and 

b. logic to perform a state-varying stream cipher operation, controlled 
by at least an encryption key and an internal state of the computing 
device, on input data segmented blocks (see Coppersmith, Abstract). 

1 1 . Coppersmith does not expressly disclose the input data as being 
segmented into random sized blocks. Ritter teaches a cipher wherein the block 
size is dynamically variable during operation (see Ritter, col. 1 1 , lines 64-67). It 
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would be obvious to one of ordinary skill in the art at the time the invention was 
made to apply the teaching of Ritter to the cipher taught by Coppersmith. 
Motivation for such an implementation, inter alia, include: a variable block size 
cipher to better fit to existing systems, to better fit to variable size devices and to 
potentially eliminate expansion data. See Ritter, col. 7, lines 28-63; col. 9, lines 
5-14. The aforementioned covers claim 12. 



12. As per claim 13, Coppersmith covers a computer device as outlined above 
in the claim 12 rejection under 35 U.S.C. 103(a). In addition, the stream cipher 
operation involves encryption. See Coppersmith, Abstract. The aforementioned 
covers claim 13. 



13. As per claim 14, Coppersmith covers a computer device as outlined above 
in the claim 12 rejection under 35 U.S.C. 103(a). In addition, the logic is an 
integrated circuit. See Coppersmith, col. 6, lines 20-24. The aforementioned 
covers claim 14. 



14. As per claims 15 and 16, Coppersmith covers a computer device as 
outlined above in the claim 12 rejection under 35 U.S.C. 103(a). In addition, the 
internal state of the computing device varies over time and the variation of the 
internal state of the computing device is periodic being set at a time that an 
encryption process begins for each block of input data. See Coppersmith, 
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Abstract; col. 20, line 44-col. 23, line 50, 'sub-key generation'. The 
aforementioned cover claims 15 and 16. 



15. As per claims 17, Coppersmith covers a computer device as outlined 
above in the claim 12 rejection under 35 U.S.C. 103(a). In addition, the 
computing device is a smart card. See Coppersmith, col. 3, lines 37-41 . Further, 
smart cards are secure portable devices, wherein the actuation of the device is 
restricted to authorized operations. The aforementioned covers claim 17. 



1 6. As per claim 1 8, Coppersmith covers a computer device as outlined above 
in the claim 15 rejection under 35 U.S.C. 103(a). In addition, the computing 
device is an operating system. See Coppersmith, Figures 1 and 2, and claim 16. 
The aforementioned covers claim 18. 



17. Claims 1-3, 9 and 10 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Coppersmith in view of Ritter, and further in view of Reardon 
U.S. Patent No. 6,212,635 (hereinafter Reardon). 



18. As per claim 1 , Coppersmith covers a state-varying hybrid cipher 
operating within a computing device as outlined above in the claim 15 rejection 
under 35 U.S.C. 1 03(a). For the reasons argued above, the cipher comprises: 
a. a first software routine to divide incoming plain text into variable- 
sized blocks (see Coppersmith, col. 7, lines 33-43; col. 7, line 57-col. 8, 
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line 3; see Ritter, col. 11, lines 64-67; col. 7, lines 28-63; col. 9, lines 5- 
14); and 

b. a second software routine to convert the plain text into cipher text 
based on an encryption key and an internal state of the computing device 
(see Coppersmith, col. 7, line 45-col. 11, line 42; col. 20, line 44-col. 23, 
line 50: the sub-key (internal state) is set for each round). 
19. Coppersmith does not expressly teach using an encryption key and an 
internal identifier to encrypt the plain text. However, use of an identifier in 
addition to an encryption key to encipher a plain text is a common feature in the 
art to uniquely associate a cipher text to an encrypting device. For example, 
Reardon teaches incorporating user and system identification profile information 
as seed values into a one-way hash function to generate an encryption key. See 
Reardon, col. 1 0, lines 40-59. It would be obvious to one of ordinary skill in the 
art at the time the invention was made for the plain text to be encrypted using an 
encryption key and an internal identifier to create a cipher text unique to the 
device profile as taught by Reardon. Ibid. The aforementioned covers claim 1 . 



20. As per claims 2 and 3, Coppersmith covers a cipher as outlined above in 
the claim 1 rejection under 35 U.S.C. 103(a). 

21 . Coppersmith does not teach generating a value for the block size from a 
second non-linear function based on the encryption key and the internal 
identifier. However, as argued above, Coppersmith teaches block size as an 
adjustable variable and that randomization of block size enables a more secure 
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cipher. See Coppersmith, col. 2, lines 51-53; col. 7, lines 37-38. Further, Ritter 
teaches block size as a dynamic variable that varies over the course of 
transmitted data to enable a more adaptable cipher. See Ritter, col. 7, lines 28- 
63; col. 9, lines 5-14. Moreover, Reardon teaches combining multiple seeds 
unique to a device (encryption key and internal identifier operate as values 
unique to an encrypting device) to generate a unique value specific to the device 
by means of a second non-linear function (a one-way hash function). See 
Reardon, col. 10, lines 40-59. Hence, it would be obvious to one of ordinary skill 
in the art at the time the invention was made for the block size to be generated 
from a second non-linear function seeded with values unique to the cipher device 
to generate a unique random block size, but deterministic based on values 
unique to the cipher device as taught by Coppersmith, Ritter and Reardon. Ibid. 
22. Further, Coppersmith does not teach using the output of a first non-linear 
function as a third parameter seed to the second non-linear function to generate 
the block size. However, non-linear functions are the basic functions for 
generating cryptographic pseudo-random variables (as before, one-way hash 
functions); moreover, the nature of pseudo-random values ensures these values 
are most likely secure from all attacks except for brute-force methods and hence, 
effectively secure from unscrupulous third parties. Finally, a pseudo-random 
value as a seed for a non-linear function introduces another randomizing element 
into the block size generator to make for a more secure encryption system. 
Examiner takes Official Notice of these teachings. It would be obvious to one of 
ordinary skill in the art at the time the invention was made for the block size to be 
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further determined based on a first non-linear function since the block size would 
be based on a pseudo-random value and hence harder to ascertain as known to 
one of ordinary skill in the art. The aforementioned cover claims 2 and 3. 



23. As per claim 9, Coppersmith covers a cipher as outlined above in the 
claim 1 rejection under 35 U.S.C. 103(a). Although Coppersmith does not 
expressly teach a routine distributing error correcting codes in the cipher text in 
order to correct modifications, error correcting codes are well known features in 
the art of networking to identify and correct errors occurring to digital data during 
transmission. Some examples are: parity, checksums and CRC. Examiner 
takes Official Notice of this teaching. It would be obvious to one of ordinary skill 
in the art at the time the invention was made for a third software routine to 
distribute error correcting codes in the cipher text in order to correct modifications 
as known to one of ordinary skill in the art. The aforementioned covers claim 9. 

24. As per claim 1 0, Coppersmith covers a cipher as outlined above in the 
claim 1 rejection under 35 U.S.C. 103(a). In addition, the internal state of the 
computing device is periodically modified. See Coppersmith, Abstract; col. 20, 
line 44-col. 23, line 51 . The aforementioned covers claim 10. 



25. Claims 4, 5, 7, 8, 19 and 20 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Coppersmith in view of Ritter and Reardon, and further in view 
of Moskowitz et al. U.S. Patent No. 5,822,432 (hereinafter Moskowitz). 
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26. As per claim 4, Coppersmith covers a cipher as outlined above in the 
claim 1 rejection under 35 U.S.C. 103(a). 

27. Coppersmith does not disclose a third software routine to determined if a 
plurality of random data elements are to be distributed within the cipher text. 
Moskowitz teaches a method of inserting random values into a digital stream 
(watermarking the data), which are based on human interactive input information, 
by mapping these values into the digital stream wherein a key is used to identify 
the locations of the random values. See Moskowitz, claims 1 and 4; Figure 1 . It 
would be obvious to one of ordinary skill in the art at the time the invention was 
made for the cipher to include a third software routine to determine if a plurality of 
random data elements are to be distributed within the cipher text. Motivation for 
such an implementation enables the cipher to insert a watermark contingent on 
input by a user. See Moskowitz, col. 2, lines 31-55. 

28. Further, Coppersmith does not expressly disclose computing a hash 
digest of the random data elements. However, it is well-known in the art that 
hash digests are used to fingerprint digital data to allow for future validation of its 
authenticity. Moreover, security features to ensure the integrity of watermarks 
are an essential step to maintain the validity of a watermark, and hence the 
authenticity of the digital data. Examiner takes Official Notice of these teachings. 
It would be obvious to one of ordinary skill in the art at the time the invention was 
made for the output stream to include a hash digest to enable future verification 
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of the authenticity of the digital data as known to one of ordinary skill in the art. 
The aforementioned covers claim 4. 

29. As per claim 5, Coppersmith covers a cipher as outlined above in the 
claim 4 rejection under 35 U.S.C. 103(a). 

30. In addition, the fourth software routine further performs a first shuffling 
operation on the internal state of the computing device based on the encryption 
key so that a single bit modification of the encryption key requires complete 
recalculation of the internal state of the computing device. See Coppersmith, 
Figure 5B, Reference No. 610 and related text. The aforementioned covers 
claim 5. 



31 . As per claim 7, Coppersmith covers a cipher as outlined above in the 
claim 4 rejection under 35 U.S.C. 103(a). 

32. In addition, Moskowitz discloses that the third software routine determines 
a statistical amount of random data elements distributed within the cipher text is 
programmable based on a percentage value entered by a user. See Moskowitz, 
claim 4. It would be obvious to one of ordinary skill in the art at the time the 
invention was made for the third software routine to determine an amount of 
random data elements distributed within the cipher text to be programmable 
based on a percentage value entered by a user to enable the user to minimize 
the footprint while maximize the security of the watermark. See Moskowitz, col. 

1 , lines 46-51 . The aforementioned covers claim 7. 
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33. As per claim 8, Coppersmith covers a cipher as outlined above in the 
claim 7 rejection under 35 U.S.C. 103(a). 

34. Coppersmith does not disclose that the amount of random data elements 
distributed within the cipher text is based on the encryption key, the internal 
identifier and the internal state of the hybrid stream cipher. However, 
Coppersmith does teach randomizing parameters of a cipher to thwart an 
observer from discovering the original contents of a cipher text. See 
Coppersmith, col. 2, lines 51-53. Since the randomization must be deterministic 
to enable an inverse operation, or at least identify the locations of these random 
data values in the digital stream, the randomization sequence must be based on 
values corresponding to the known state of the cipher when the amount of 
random data elements was initially determined. Hence, values such as the 
encryption key, the internal identifier and the internal state of the computing 
device are obvious seeds to generate the amount of random data elements to be 
distributed within the cipher text. It would be obvious to one of ordinary skill in 
the art at the time the invention was made for the amount of random data 
elements distributed within the cipher text to be based on the encryption key, the 
internal identifier and the internal state of the hybrid stream cipher to 
automatically generate a random but deterministic value as known to one of 
ordinary skill in the art. The aforementioned covers claim 8. 
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35. As per claim 19, Coppersmith covers a method as outlined above in the 
claim 7 rejection under 35 U.S.C. 103(a). In addition, since the method is a 
symmetric key cipher, a decryption method utilizes the same key and the results 
of its own earlier iterations to randomize the transformation of data. See 
Coppersmith, Abstract; col. 6, lines 46-59. The aforementioned covers claim 19. 



36. As per claim 20, Coppersmith covers a method as outlined above in the 
claim 19 rejection under 35 U.S.C. 103(a). In addition, the internal state of the 
computing device varies continuously over time. See Coppersmith, Abstract; col. 
20, line 44-col. 23, line 50, 'sub-key generation 1 . The aforementioned covers 
claim 20. 



37. Claim 6 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Coppersmith in view of Ritter, Reardon and Moskowitz, and further in view of 
Fielder et al. U.S. Patent No. 5,963,646 (hereinafter Fielder). 



38. As per claim 6, Coppersmith covers a cipher as outlined above in the 
claim 5 rejection under 35 U.S.C. 103(a). 

39. In addition, as outlined above, Coppersmith teaches initializing the internal 
state of the computing device based on at least an internal identifier, but does not 
teach a second shuffling operation on the internal state of the computing device 
based on at least the internal identifier. Fielder teaches shuffling internal 
identifiers to generate a cipher key, which is used to encrypt a plain text. See 
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Fielder, Figure 2, Reference No. 52. It would be obvious to one of ordinary skill 
in the art at the time the invention was made for a second software routine to 
perform a second shuffling operation on the internal state of the computing 
device based on at least the internal identifier to resist cryptographic analysis. 
See Fielder, col. 3, lines 1-6. The aforementioned covers claim 6. 



40. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Coppersmith in view of Ritter and Reardon, and further in view of Stallings, 
Cryptography and Network Security (hereinafter Stallings). As per claim 1 1 , 
Coppersmith covers a cipher as outlined above in the claim 1 rejection under 35 
U.S.C. 103(a). Coppersmith does not teach basing the internal state of the 
computing device on a time value. Stallings teaches incorporating time values 
into digital data as a means to assure the freshness of a transmitted digital 
message. See Stallings, page 304, 5 th bullet. A broader view of this teaching 
links an event and/or data to a unique time value. Further, as mentioned above, 
Reardon teaches incorporation seeds to uniquely identify the generated key with 
the profile of the user/system at the time of key generation. It would be obvious 
to one of ordinary skill in the art at the time the invention was made for the 
internal state of the computing device to be based on a time value. Motivation for 
such a combination enables the internal state to be based on a specific time 
relevant to the generation of the cipher text as known to one of ordinary skill in 
the art. 
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Conclusion 



The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Coppersmith U.S. Patent No. 6,192,129. 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Jung W Kim whose telephone number is 
(703) 305-8289. The examiner can normally be reached on M-F 9:00-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Gilberto Barron can be reached on (703) 305-1830. The 
fax phone number for the organization where this application or proceeding is 
assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). / J 



GILBERTO BARRON ' 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 
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